yaso_meth/mih-project
2
4
Fork 2
Code Issues 8 Pull Requests Actions Packages Projects Releases 1 Wiki Activity

MIH Security Vulnerbilities #2

New Issue
Open
opened 2026-02-04 11:52:36 +00:00 by yaso_meth · 0 comments
yaso_meth commented 2026-02-04 11:52:36 +00:00
Owner
Copy Link

Changes required as per the attached document

  • Public Exposure of Internal Infrastructure Services
  • Hardcoded SuperTokens API Key
  • Backend Auth Secret distributed in Frontend
  • CORS Misconfigurations
  • Unsafe File Upload and Path Construction
  • Containers Running and root
  • Missing Web Security Headers
Changes required as per the attached document - [x] Public Exposure of Internal Infrastructure Services - [x] Hardcoded SuperTokens API Key - [x] Backend Auth Secret distributed in Frontend - [x] CORS Misconfigurations - [ ] Unsafe File Upload and Path Construction - [ ] Containers Running and root - [x] Missing Web Security Headers
mih-auth-test.pdf
681 KiB
yaso_meth added reference main 2026-02-04 11:52:57 +00:00
yaso_meth added the bug label 2026-02-05 23:05:20 +00:00
yaso_meth added the help wanted label 2026-02-18 11:42:25 +00:00
Sign in to join this conversation.
main
Branches Tags
Labels
Clear labels
bug
Something is not working
 duplicate
This issue or pull request already exists
 help wanted
Need some help
 invalid
Something is wrong
 New Features
QOL
New feature
 question
More information is needed
 wontfix
This won't be fixed
No Label bug help wanted
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
yaso_meth
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: yaso_meth/mih-project#2
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?